LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-31-2007, 03:35 AM   #1
theking2
LQ Newbie
 
Registered: Mar 2007
Posts: 7

Rep: Reputation: 0
Question find with execdir seems to ignore umask settings


I need to perform a cron-ed find and cp on log files in the form log<day> to log<date> (e.g. log31 to log2007-03-31) and came up with the following command:

find . -name log`/bin/date -d yesterday +%d` -execdir cp log`/bin/date -d yesterday +%d` log`/bin/date -d yesterday +%F` \;

the problem is that the newly created file needs to be accessible by everyone (umask 0) when i put a umask 0 before the find command the files created still end up with -rw-------. how do I succesfully issue the cp command with the proper umask?
 
Old 04-01-2007, 09:33 AM   #2
Zention
Member
 
Registered: Mar 2007
Posts: 119

Rep: Reputation: 16
Is the directory you execdir from suid'd or sgid'd?

First of all try to do one manually, if that yields a different result, then something else is up.

It is possible that a shell is being invoked somewhere along the line - and the umask is being reset to your default.

There are a couple of ways around that - you could export ENV=~/.bashrc1; export POSIXLY_CORRECT="" prior to the find.

Then put umask 000 in ~/.bashrc1.

Then unset -v POSIXLY_CORRECT or replace ENV if you are already using POSIX.

Or you could switch in your default bashrc or bash_profile.

I am not so sure that -execdir is actually more secure then using -exec (and specifying a shell script). The docs do hint at it being more secure in avoiding race conditions, but the having to avoid ./ or the actual directory being changed to existing in $PATH does seem to make it less secure.

Unfortunately cp does not have a -m option like mkdir, thoguh you could also chmod the file afterwards.

The simplest way is to move the command into a script (I think you can chain commands on the -execdir or -exec but it is awkward).
 
Old 04-02-2007, 03:34 AM   #3
theking2
LQ Newbie
 
Registered: Mar 2007
Posts: 7

Original Poster
Rep: Reputation: 0
Thanks Zention, for your elaborate answer. I will sure use the hints you've put there. For my original problem I've found a solution (after rtfm :-)).

Add the "-p" (preserve) option to the cp command. By doing that all ownerships and flags from the original file are preserved.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Proper umask settings for /etc/fstab? stefanlasiewski Linux - General 6 06-05-2009 06:27 PM
X applications ignore UMASK settings thejasondean Ubuntu 0 01-10-2007 05:46 AM
vsftpd umask settings fluffyvoidbunny Linux - Software 2 02-07-2006 03:06 PM
Umask - Settings XaViaR Linux - General 2 09-28-2005 06:24 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:34 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration